Arbitrary Memory Overwrite Vulnerability in Fetchmail

Arbitrary Memory Overwrite Vulnerability in Fetchmail

CVE-2001-1009 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.

Learn more about our Cis Benchmark Audit For Server Software.